Researchers at Calif have demonstrated that the Codex AI model can successfully escalate privileges from a simple browser foothold to root access on a Samsung Smart TV. The study, conducted in partnership with OpenAI, shows the AI's ability to audit firmware source code and execute complex exploits on live hardware.
The research team began with code execution inside the browser application's security context on the device. Their objective was to determine if Codex could bridge the gap between a limited browser shell and full administrative control.
To facilitate the experiment, the researchers provided the AI with an environment containing the 'KantS2' firmware source tree. This allowed the model to audit Samsung's kernel-driver code and test potential vulnerabilities against the live device.
Navigating hardware restrictions
The AI faced significant technical hurdles, including Samsung Tizen's Unauthorized Execution Prevention (UEP), which blocks unsigned programs on disk from running. To bypass this, the researchers implemented a 'memfd' wrapper that allowed Codex to load programs into anonymous in-memory file descriptors.
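A defensive check for the memfd technique described above, as an added example that is not taken from the Calif report: on Linux, a process whose image was loaded from an anonymous in-memory file descriptor has a /proc/<pid>/exe link that begins with /memfd:, so a monitor can flag it. The sample process tree and its paths are constructed, and that the check applies unchanged to the TV's Tizen build is an assumption.

```python
import os
import tempfile

MEMFD_PREFIX = "/memfd:"  # how Linux names the exe link of a memfd-backed image


def is_memfd_backed(exe_target: str) -> bool:
    """True if a /proc/<pid>/exe link target points at an anonymous memfd."""
    return exe_target.startswith(MEMFD_PREFIX)


def scan_proc(proc_root: str = "/proc"):
    """Return sorted [(pid, exe_target)] for processes running from a memfd."""
    hits = []
    for entry in os.listdir(proc_root):
        if not entry.isdigit():
            continue  # skip non-process entries such as "self"
        try:
            target = os.readlink(os.path.join(proc_root, entry, "exe"))
        except OSError:
            continue  # kernel thread, exited process, or no permission
        if is_memfd_backed(target):
            hits.append((int(entry), target))
    return sorted(hits)


def build_sample_proc(root: str) -> None:
    """Constructed sample: a fake /proc tree with one memfd-backed process."""
    samples = {
        "101": "/usr/bin/browser",           # constructed on-disk binary
        "202": "/memfd:tool (deleted)",      # constructed memfd-backed image
        "303": "/opt/app/memfd:notreally",   # on-disk file with a look-alike name
    }
    for pid, target in samples.items():
        os.makedirs(os.path.join(root, pid))
        os.symlink(target, os.path.join(root, pid, "exe"))
    os.makedirs(os.path.join(root, "self"))


def demo():
    """Run the scan over the constructed tree and return the findings."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_proc(root)
        return scan_proc(root)


if __name__ == "__main__":
    for pid, target in scan_proc():
        print(f"pid {pid} runs from anonymous memory: {target}")
```

Run as root on a live system so that exe links of other users' processes are readable; unreadable entries are skipped, not reported.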
According to the Calif report, Codex managed the entire attack lifecycle. The model enumerated the target, narrowed the attack surface, and validated physical-memory primitives on the live device.
"We gave Codex a foothold. It popped a root shell," the researchers stated in their documentation. The process required the AI to use a separate controller host to build ARM binaries and inject commands into a running shell via tmux.
The researchers noted that the AI's loop involved inspecting session logs, building necessary tools on a remote controller, and fetching them to the TV via HTTP. The experiment concludes that the model can effectively iterate through complex exploitation chains when provided with the appropriate development environment and source access.